﻿using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;

public partial class Login : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {

    }
    protected void Button1_Click(object sender, EventArgs e)
    {

        SqlConnection con = new SqlConnection("server=localhost;database=reg_sys;integrated security=true;");

        con.Open();

        string pass = password.Text;
        //string pass = FormsAuthentication.HashPasswordForStoringInConfigFile(password.Text, "MD5");

        string sqlSel = "select count(*) from TableUserInfo where UserName=@username and Password=@userpass";

        SqlCommand com = new SqlCommand(sqlSel, con);

        com.Parameters.Add(new SqlParameter("username", SqlDbType.VarChar, 20));
        com.Parameters["username"].Value = username.Text;
        com.Parameters.Add(new SqlParameter("userpass", SqlDbType.VarChar, 50));
        com.Parameters["userpass"].Value = pass;

        if (Convert.ToInt32(com.ExecuteScalar()) > 0)
        {
            RegisterStartupScript("", "<script>alert('Login Success!')</script>");
            username.Text = password.Text = "";
            Server.Transfer("UserInfo.aspx");
        }
        else
        {
            RegisterStartupScript("", "<script>alert('Username or Password not match!')</script>");
        }
    }
}
